Re: retrying keyex (was: Re: Why SFTP performance sucks, and how to fix it)

To: Jeffrey Hutzelman <jhutz%cmu.edu@localhost>
Subject: Re: retrying keyex (was: Re: Why SFTP performance sucks, and how to fix it)
From: Nicolas Williams <Nicolas.Williams%sun.com@localhost>
Date: Wed, 16 Jul 2003 06:20:43 -0700

On Wed, Jul 16, 2003 at 09:58:53AM +0200, Jeffrey Hutzelman wrote:
> On Wed, 9 Jul 2003, Joel N. Weber II wrote:
> > The case I was thinking of, though, is the case where the client
> > decides it doesn't trust the certificate presented by the server,
> 
> But this case is simple to handle -- you disconnect and try again.

If keyex was re-triable and the session ID hash was taken over the
failed kex messages too (in addition to the other things that go into
it) then it would be possible to detect downgrade attacks.

Disconnecting after kex failure without the possibility of retrying
may leave the user (oh, probably not the average user) wondering if a
downgrade attack was not taking place.

Of course, all of this assumes that one kex is weaker, or, if not, less
desirable, than another.

Anyways, we can fix this some other time.

Cheers,

Nico
--

References:
- Re: retrying keyex (was: Re: Why SFTP performance sucks, and how to fix it)
  - From: Joel N. Weber II
- Re: retrying keyex (was: Re: Why SFTP performance sucks, and how to fix it)
  - From: Jeffrey Hutzelman

Prev by Date: Re: WG chair nits on draft-ietf-secsh-fingerprint-01.txt
Next by Date: Re: draft-ietf-secsh-gsskeyex-06.txt security considerations
Previous by Thread: Re: retrying keyex (was: Re: Why SFTP performance sucks, and how to fix it)
Next by Thread: Re: retrying keyex (was: Re: Why SFTP performance sucks, and how to fix it)
Indexes:

Home | Main Index | Thread Index | Old Index